<?xml version="1.0" encoding="UTF-8" ?>
<?xml-stylesheet type="text/xsl" href="https://devzone.nordicsemi.com/cfs-file/__key/system/syndication/rss.xsl" media="screen"?><rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:slash="http://purl.org/rss/1.0/modules/slash/" xmlns:wfw="http://wellformedweb.org/CommentAPI/" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Danalock V3 Smart Lock nRF DFU firmware rewrite twice</title><link>https://devzone.nordicsemi.com/f/nordic-q-a/91550/danalock-v3-smart-lock-nrf-dfu-firmware-rewrite-twice</link><description>Hello, 
 I bought a Danalock V3 type smart lock. The manufacturer sent me the firmware file. The first time I uploaded the file 2 out of 2 processes ran: 
 UPDATING: Part 2 of 2 100% 
 But the second time only one, the bootloader did not upload. How can</description><dc:language>en-US</dc:language><generator>Telligent Community 13</generator><lastBuildDate>Fri, 23 Sep 2022 05:30:32 GMT</lastBuildDate><atom:link rel="self" type="application/rss+xml" href="https://devzone.nordicsemi.com/f/nordic-q-a/91550/danalock-v3-smart-lock-nrf-dfu-firmware-rewrite-twice" /><item><title>RE: Danalock V3 Smart Lock nRF DFU firmware rewrite twice</title><link>https://devzone.nordicsemi.com/thread/387600?ContentTypeID=1</link><pubDate>Fri, 23 Sep 2022 05:30:32 GMT</pubDate><guid isPermaLink="false">137ad170-7792-4731-bb38-c0d22fbe4515:f15a1eb2-e0aa-40da-bba4-61fc1dc5411e</guid><dc:creator>Vidar Berg</dc:creator><description>&lt;p&gt;In general, the only way you will be able to overwrite the bootloader is if the vendor distributes a new bootloader with a higher version number. This is to prevent replay attacks which can wear out flash or cause denial of service.&lt;/p&gt;
&lt;p&gt;If you suspect that the bootloader has been tampered with somehow, you probably can&amp;#39;t trust it to perform the update either. &lt;/p&gt;&lt;div style="clear:both;"&gt;&lt;/div&gt;</description></item><item><title>RE: Danalock V3 Smart Lock nRF DFU firmware rewrite twice</title><link>https://devzone.nordicsemi.com/thread/387555?ContentTypeID=1</link><pubDate>Thu, 22 Sep 2022 16:23:01 GMT</pubDate><guid isPermaLink="false">137ad170-7792-4731-bb38-c0d22fbe4515:b4440af3-156d-4859-8e02-ba445a0e99e3</guid><dc:creator>lenovomen</dc:creator><description>&lt;p&gt;There must be some way to overwrite the firmware repeatedly. &lt;span class="emoticon" data-url="https://devzone.nordicsemi.com/cfs-file/__key/system/emoji/1f914.svg" title="Thinking"&gt;&amp;#x1f914;&lt;/span&gt;&lt;/p&gt;&lt;div style="clear:both;"&gt;&lt;/div&gt;</description></item><item><title>RE: Danalock V3 Smart Lock nRF DFU firmware rewrite twice</title><link>https://devzone.nordicsemi.com/thread/387553?ContentTypeID=1</link><pubDate>Thu, 22 Sep 2022 16:11:29 GMT</pubDate><guid isPermaLink="false">137ad170-7792-4731-bb38-c0d22fbe4515:edb48c49-4a2d-49c6-bc07-10100e77d167</guid><dc:creator>lenovomen</dc:creator><description>&lt;p&gt;The answer is simple. It only allows you to run a full upgrade on the first upgrade. The second one will not run. If the Smart lock is replaced, the infected bootloader cannot be overwritten.&lt;/p&gt;&lt;div style="clear:both;"&gt;&lt;/div&gt;</description></item><item><title>RE: Danalock V3 Smart Lock nRF DFU firmware rewrite twice</title><link>https://devzone.nordicsemi.com/thread/387510?ContentTypeID=1</link><pubDate>Thu, 22 Sep 2022 13:08:15 GMT</pubDate><guid isPermaLink="false">137ad170-7792-4731-bb38-c0d22fbe4515:8b8aebab-703d-407a-b138-42c179cbbfad</guid><dc:creator>Vidar Berg</dc:creator><description>&lt;p&gt;But how would an adversary be able to upload malicious code in the first if they don&amp;#39;t have access to the private key needed to sign the update? Also, please keep in mind that the vendor is free to add additional security mechanisms into their design. I can only really comment the security we have implemented in our code examples.&lt;/p&gt;&lt;div style="clear:both;"&gt;&lt;/div&gt;</description></item><item><title>RE: Danalock V3 Smart Lock nRF DFU firmware rewrite twice</title><link>https://devzone.nordicsemi.com/thread/387156?ContentTypeID=1</link><pubDate>Tue, 20 Sep 2022 18:15:10 GMT</pubDate><guid isPermaLink="false">137ad170-7792-4731-bb38-c0d22fbe4515:9eec8ade-270e-49eb-84e3-efcb9cf5b392</guid><dc:creator>lenovomen</dc:creator><description>&lt;p&gt;So now I don&amp;#39;t know what the solution is. The description says that when the bootloader is uploaded, the whole firmware file is not scanned, so malicious code can be uploaded.&lt;/p&gt;&lt;div style="clear:both;"&gt;&lt;/div&gt;</description></item><item><title>RE: Danalock V3 Smart Lock nRF DFU firmware rewrite twice</title><link>https://devzone.nordicsemi.com/thread/387155?ContentTypeID=1</link><pubDate>Tue, 20 Sep 2022 18:04:57 GMT</pubDate><guid isPermaLink="false">137ad170-7792-4731-bb38-c0d22fbe4515:3d59d07f-8c29-4dac-9bf7-236d404215f7</guid><dc:creator>lenovomen</dc:creator><description>&lt;p&gt;But technically, is it possible that malicious code is placed in the bootloader to make the bluetooth connection crackable?&lt;/p&gt;&lt;div style="clear:both;"&gt;&lt;/div&gt;</description></item><item><title>RE: Danalock V3 Smart Lock nRF DFU firmware rewrite twice</title><link>https://devzone.nordicsemi.com/thread/387154?ContentTypeID=1</link><pubDate>Tue, 20 Sep 2022 18:03:39 GMT</pubDate><guid isPermaLink="false">137ad170-7792-4731-bb38-c0d22fbe4515:d033de8a-147b-4a20-84d6-3b1339e0f28a</guid><dc:creator>Vidar Berg</dc:creator><description>&lt;p&gt;This is the reason for why the bootloader will only accept signed updates. The bootloader also includes the option for &lt;span&gt;&lt;a title="Boot validation" href="https://infocenter.nordicsemi.com/topic/sdk_nrf5_v17.1.0/lib_secure_boot.html?cp=8_1_3_5_0_8_1#secure_boot_validation"&gt;Boot validation&lt;/a&gt;.&lt;/span&gt;&lt;/p&gt;&lt;div style="clear:both;"&gt;&lt;/div&gt;</description></item><item><title>RE: Danalock V3 Smart Lock nRF DFU firmware rewrite twice</title><link>https://devzone.nordicsemi.com/thread/387144?ContentTypeID=1</link><pubDate>Tue, 20 Sep 2022 16:59:41 GMT</pubDate><guid isPermaLink="false">137ad170-7792-4731-bb38-c0d22fbe4515:c5edbefd-c06d-4ea9-9f88-726dee756e57</guid><dc:creator>lenovomen</dc:creator><description>&lt;p&gt;&lt;span&gt;UPDATING: Part 2 of 2 100%&lt;/span&gt;&lt;/p&gt;
&lt;p&gt;&lt;span&gt;&lt;/span&gt;&lt;span&gt;This update has only been fully run once. If I try it now, it runs 1/2 instead of 2/2. And as I wrote above it is risky because it might someone have infected the bootloader, which I cannot overwrite now.&lt;/span&gt;&lt;/p&gt;&lt;div style="clear:both;"&gt;&lt;/div&gt;</description></item><item><title>RE: Danalock V3 Smart Lock nRF DFU firmware rewrite twice</title><link>https://devzone.nordicsemi.com/thread/387143?ContentTypeID=1</link><pubDate>Tue, 20 Sep 2022 16:55:12 GMT</pubDate><guid isPermaLink="false">137ad170-7792-4731-bb38-c0d22fbe4515:ac65465f-412f-4041-8a25-cf57091ccd5a</guid><dc:creator>lenovomen</dc:creator><description>&lt;p&gt;The SoftDevice part itself is not enough to reinstall, I suppose that if deep malicious code has been installed, it is the bluetooth connection itself that is vulnerable, not the encrypted (172kb application without bootloader) frimware I installed.&lt;/p&gt;&lt;div style="clear:both;"&gt;&lt;/div&gt;</description></item><item><title>RE: Danalock V3 Smart Lock nRF DFU firmware rewrite twice</title><link>https://devzone.nordicsemi.com/thread/387142?ContentTypeID=1</link><pubDate>Tue, 20 Sep 2022 16:53:04 GMT</pubDate><guid isPermaLink="false">137ad170-7792-4731-bb38-c0d22fbe4515:cf55e695-ad4f-40b9-b538-a56bc13f9621</guid><dc:creator>lenovomen</dc:creator><description>&lt;p&gt;I had a hunch that was the reason. But what if someone replaced my smart lock and installed an hacked firmware/bootloader? I cannot overwrite the hacked version because the system detects that the latest version is installed. There must be some way to overwrite the bootloader again.&lt;/p&gt;&lt;div style="clear:both;"&gt;&lt;/div&gt;</description></item><item><title>RE: Danalock V3 Smart Lock nRF DFU firmware rewrite twice</title><link>https://devzone.nordicsemi.com/thread/386992?ContentTypeID=1</link><pubDate>Tue, 20 Sep 2022 06:59:56 GMT</pubDate><guid isPermaLink="false">137ad170-7792-4731-bb38-c0d22fbe4515:2fe1e20c-54b8-4719-be5d-be735f9326cf</guid><dc:creator>Vidar Berg</dc:creator><description>&lt;p&gt;nrftoolbox will proceed right to the application update if the softdevice and bootloader are up-to-date. In other words, it seems like you already have the latest version of the bootloader and softdevice in your device.&lt;/p&gt;&lt;div style="clear:both;"&gt;&lt;/div&gt;</description></item><item><title>RE: Danalock V3 Smart Lock nRF DFU firmware rewrite twice</title><link>https://devzone.nordicsemi.com/thread/386954?ContentTypeID=1</link><pubDate>Mon, 19 Sep 2022 17:41:08 GMT</pubDate><guid isPermaLink="false">137ad170-7792-4731-bb38-c0d22fbe4515:a0244b21-b185-448e-8fc6-2c95b69d2ea6</guid><dc:creator>lenovomen</dc:creator><description>&lt;p&gt;I use Nrf toolbox. Apparently successful but in fact the first process does not run it skips.&lt;/p&gt;&lt;div style="clear:both;"&gt;&lt;/div&gt;</description></item><item><title>RE: Danalock V3 Smart Lock nRF DFU firmware rewrite twice</title><link>https://devzone.nordicsemi.com/thread/384591?ContentTypeID=1</link><pubDate>Mon, 05 Sep 2022 13:04:01 GMT</pubDate><guid isPermaLink="false">137ad170-7792-4731-bb38-c0d22fbe4515:e0084d46-2450-4f08-bb34-06e986919134</guid><dc:creator>Vidar Berg</dc:creator><description>&lt;p&gt;Hello,&lt;/p&gt;
[quote user=""]UPDATING: Part 2 of 2 100% [/quote]
&lt;p&gt;I&amp;#39;m not sure what app you use to perform the update, but the message indicates to me that the device was updated successfully. How do you determine that the bootloader did not get updated?&lt;/p&gt;
&lt;p&gt;Thanks,&lt;/p&gt;
&lt;p&gt;Vidar&lt;/p&gt;&lt;div style="clear:both;"&gt;&lt;/div&gt;</description></item></channel></rss>